Anti-Money Laundering regulations: FINTRAC issues guidance

Six months after new anti-money laundering regulations were introduced, Canada’s financial intelligence group issued new guidelines dealing with so-called politically exposed persons and heads of international organizations.

The amendments to the Proceeds of Crime (Money Laundering) and Terrorist Financing Act, published in June 2016 in the Canada Gazette, are arguably the most important changes to the anti-money laundering regime in the past eight years, according to legal experts.

The new regulations introduces a more flexible client identification regime, are expected to facilitate digital commerce, and imposes substantial new risk assessment requirements. It will require reporting entities to spend more money, resources and time to ensure that its current policies, procedures, risk assessments, and training programs are compliant.

A substantive change that may prove to be a wake-up call for many Canadians is the expansion of current regulatory requirements that apply to foreign politically exposed persons (PEPs) to include domestic ones as well as the heads of international organizations, family members and close associates of these individuals. A politically exposed person is someone who held an office or was entrusted with a prominent public function such as a member of a legislature or even a judge. They are deemed to represent a greater money laundering risk because of the possibility that they abused their position. Just like foreign politically exposed persons, domestic PEPs too will come under greater scrutiny. Financial entities and securities dealers will now have to take reasonable measures to determine whether their clients in certain circumstances are “closely associated with” a domestic PEP. Reporting entities will now be compelled to make such determinations when for instance a client proposes to open a new account or make certain large unspecified transactions considered to be of higher risk like making lump sum payments of $100,000 or more.

New Fintrac guidance

Just before Christmas the Financial Transactions and Reports Analysis Centre of Canada (Fintrac) provided guidance that deals with politically exposed persons and heads of international organizations over terms such as “close associate,” “periodic basis,” and “reasonable measures.”

Close associates are individuals who are closely connected to a politically exposed person or a head of international organization for personal and business reasons. They could be business partners, romantic partners, persons serving on the same board or even persons carrying out charitable works with the PEP or head of an international organization.

Fintrac 2015-16 Annual Report

Fintrac’s guidelines stipulate that reporting entities must have a process in place to assess whether existing accounting holders are politically exposed persons or heads of international organizations or close associates or family members on a “periodic basis.” But the guidelines do not specify what periodic basis means. That is something that each reporting entity will have to determine based on its own facts and situation, pointed out Ana Badour, a financial services lawyer with McCarthy Tétrault LLP.

Fintrac does however offer a bit more guidance over what it means by reasonable measures. It can include media monitoring, ongoing monitoring of business relationships, consulting public or private databases, or even asking the client. “A reporting entity must keep a record when the reasonable measure undertaken is unsuccessful, the measure taken, the date and record of why it was unsuccessful,” added Badour.

“A lot of people will have a bad taste in their mouth” when domestic PEPs realize that reporting entities will be scrutinizing their source of funds, said Matthew McGuire, a financial crimes risk-management expert.

Toronto corporate lawyer Peter Aziz disagrees. “When a reporting entity is found to be dealing with a foreign PEP, they are required under the regulations to treat the person as a high risk for money laundering,” explained Aziz, a partner with Torys LLP whose practice focuses on regulatory compliance in the financial services and payments industry. “Whereas for a domestic PEP, a reporting entity can use its discretion, that is, look at all the surrounding circumstances and exercise its discretion to determine whether the person should be considered high risk or not.”

Obligations

Fintrac 2015-16 Annual Report

Under Canadian anti-money legislation reporting entities have a series of obligations they must fulfil. They must identify customers, keep records of their customers and their transactions, ensure they have internal compliance procedures in place, and report transactions that are suspicious or transactions that meet certain conditions.

The amendments however replace existing client identification procedures with a new, more flexible regime that allows for a broader range of sources to establish the identity of a client. The new regulations identify specific types of sources, such as original government-issued photo identification documents, that can be used on a standalone basis because they are deemed to be sufficiently reliable. It also permits other types of sources but so long as it comes from two separate reliable sources used in combination. It could be a reliable source containing the client’s name and their address, the client’s name and birth date, or information containing the name of the client along with a confirmation that the individual has a deposit account, a credit card or a loan account with a Canadian financial entity.

Though the regulations offers greater flexibility in ascertaining client identification, it is far too prescriptive in nature and does not permit regulated entities to use innovative technological identity verification methods, asserted McGuire. Moreover documents used to establish the identity of a client under the dual process method must be an original or electronic copy but cannot be one that has been photocopied, faxed or digitally scanned, according to a Fintrac guideline that was published at the same time as the amendments were passed. “One of the centerpieces of the regulations was an effort to try to make it easier for companies in Canada that are subject to the Act to identify their clients – and it is a fail,” said McGuire. “It provides a whole bunch of options but then puts a whole ton of constraints on its possible uses. How does forbidding the use of photocopied, faxed or digitally scanned documents recognize the new realities?”

More reflective of today’s realities is the fact that the regulations expand the definition of signature to include any type of signature in electronic form that is created or adopted by a client and accepted by a reporting entity as being unique to that client. This is a positive development that will facilitate digital commerce, said Robert Dawkins, a Vancouver commercial litigator with Borden Gervais Ladner LLP. “The change for e-signatures creates a substantial amount of flexibility in dealings with clients non face-to-face,” said Dawkins.

Fintrac 2015-16 Annual Report

The new regulations are meant to address several key failings identified by the Financial Action Task Force (FATF), an international body established in 1989 that sets standards for anti-money laundering (AML) and anti-terrorist financing (ATF) activities, noted Dawkins. In 2008, FATF found that Canada, a founding member, was “non-compliant” on preventative measures such as customer identification and due diligence to combat money laundering. In a follow-up report in 2014, FATF “recognized” that Canada had made “significant progress” in addressing the deficiencies. In September 2016 FATF gave a lukewarm assessment, concluding that gaps still exist that leave Canada open to illegal financial activities even though its anti-money laundering efforts have improved in recent years. “One of the motivators for some of these changes were adverse comments when they were reviewed by FATF,” said Dawkins. “These regulations represent real changes.”

Though more changes to the regulations are expected in the future, McGuire said “there’s a whole bunch of stuff that we expected in this set of regulations that are not there.” The new regulations do not tackle pressing issues such as virtual currencies or prepaid cards which is “top of mind in almost of all the FATF meetings” because of the volume of terrorist financing involving prepaid cards, said McGuire. Nor does it tackle companies that lend money like mortgage firms and private lending companies, which are not governed by regulations, said McGuire. “It would have been strategic to answer all those gaps in a legislative package,” added McGuire.

Still in light of the recent propensity by Canada’s financial intelligence group to levy administrative monetary penalties, the new regulations should be taken “very seriously,” according to observers.

Fintrac 2015-16 Annual Report

Fintrac, which was created in 2000 within the ambit of the money-laundering act, issued 16 monetary penalties in 2014-2015. In 2015–16 it issued 22 Notices of Violations. It also sent a strong message of deterrence after it fined last April an unnamed Canadian bank more than $1.1-million for failing to report a suspicious transaction and various money transfers.

“These are interesting times because we have seen an increase in the use of the regulator’s power to issue fines while at the same time we are moving more and more into a less prescriptive regulatory regime and more of a risk-based approach so there is more uncertainty there,” observed Dawkins. “A need for dialogue is needed between the regulator and reporting entities, and Fintrac needs to have a strong understanding of the business needs of the entities it is regulating because it’s difficult to assess the validity of a risk-based approach without that understanding.”

Canada’s tough stance on dirty money

New anti-money laundering regulations introduced to demonstrate Canada’s tough stance on dirty money to international authorities will require reporting entities to spend more money, resources, and time to be in compliance, according to experts.

Published in mid-February in its final form in the Canada Gazette, the amendments to the Proceeds of Crime (Money Laundering) and Terrorist Financing Act (Act) are meant to address several key failings identified by the Financial Action Task Force (FATF), an international body established in 1989 that sets standards for anti-money laundering (AML) and anti-terrorist financing (ATF) activities. In 2008, FATF found that Canada, a founding member, was “non-compliant” on preventative measures such as customer identification and due diligence to combat money laundering.

“It would probably embarrass our government if we did not comply with FATF because we have a government that certainly holds itself out as a country with a modern AML and ATF legislative regime that is at the forefront so our government would not want to be seen as having deficiencies – it could hurt Canada’s reputation,” noted Peter Aziz, an expert in regulatory compliance in the financial services and payments industry with Torys LLP.

Under Canadian anti-money laundering legislation reporting entities have a series of obligations they must fulfil: they must identify customers, keep records of their customers and their transactions, ensure they have internal compliance procedures in place, and report transactions that are suspicious or transactions that meet certain conditions even though there is no express obligation to monitor accounts for suspicious activities. “Because it was always sort of implicitly in the legislation that you have to report suspicious transactions, you have to monitor to determine what is and what is not suspicious even there was never an express legislation to monitor,” explained Jacqueline Shinfield, a lawyer with Blake, Cassels & Graydon LLP specializing in regulatory compliance in the retail financial services and payments industry.

But as of next year, once the amendments come into force, that will change. The new regulations introduce the concept of a “business relationship,” and provide that once a business relationship is established regulated entities will be required to conduct on-going monitoring of business relationships with clients, using a risk-based approach. The new regulations define what it is that they want reporting entities to monitor, and for large institutions they expect monitoring to be done on a consolidated basis across all products, notes Shinfield.

For many reporting entities that will prove to be an onerous requirement, says Matthew McGuire, an anti-money laundering expert. There are an estimated 300,000 reporting entities in Canada, ranging from financial institutions to life insurance companies to real estate agents brokers and developers to casinos. Even accountants and accounting firms as well as lawyers are captured by the legislation.

“Most large financial institutions will have the capability to look across an entire client relationship at a glance but in less sophisticated environments – a real estate dealer or for money services business – trying to consolidate across activity by clients becomes more difficult,” explained McGuire. “And much more difficult becomes on-going monitoring of all clients regardless of risk – that is probably the most significant thing about this legislative change. That’s a huge obligation.”

money-laundering-scheme-bigSince not all reporting entities have sophisticated monitoring systems in place, it will oblige many to invest money and time to acquire and implement automated transaction monitoring systems, says McGuire. “Let’s think about it – do all reporting entities all have the tools in hand to be able to program and understand what rules they should be running in terms of ongoing monitoring?” asks McGuire rhetorically.

Besides compelling regulated entities to now keep up-do-date records with respect to the purpose and nature of the business relationship of their clients, the new regulations will also require reporting entities to obtain identification information under certain circumstances from all persons who own 25 per cent or more of a corporation or entity. Under legislation currently in force financial entities have an obligation to obtain so-called “beneficial ownership,” that is, collect information about all directors and natural persons owning or controlling — according to prescribed percentages — the corporation and entity. The amendments specifically clarify that those reporting entities should also obtain documentary evidence from the client that confirms the beneficial information that they have obtained.

“These amendments actually do add additional obligations that are a bit different from before,” says Kashif Zaman, a partner with Osler, Hoskin & Harcourt LLP. “”Before the customer identification requirements and the customer due diligence was conducted typically at the front end, when the business relationship was established. These new obligations will require reporting entities to actually take a more serious look at the documents and client information to make sure they can assess them properly” instead of simply checking off boxes in intake forms.

FintracQuestions still linger over the reach of the new amendments. Many experts in the field are counting on the Financial Transactions and Reports Analysis Centre (FINTRAC), Canada’s financial intelligence unit created in 2000 that operates within the ambit of the Act, and the Office of the Superintendent of Financial Institutions to provide updated guidance before end of year.

“Guidance is needed because the wording of the legislation is drafted broadly,” said Zaman. “Ongoing monitoring is defined very broadly. What are their expectations? So different stakeholders will have different concerns depending on their business. The guidelines will provide their expectations as to what they want industry players to be thinking about.”

McGuire has a harsher assessment. “We have woefully inadequate risk-based guidance,” said McGuire. “Like FATF points out, we should put out a threat assessment so that the players understand the money laundering environment they operate in. That should be the cornerstone of program in the country, and it doesn’t exist. Then the guidance on how to tactically implement risk-based approach under these new standards.”

Reporting entities, however, are bracing for more changes. A consultation paper entitled “Strengthening Canada’s Anti-Money Laundering and Anti-Terrorist Financing Regime” drafted on December 2011 by the Department of Finance is currently being reviewed by the Senate. “What I think may be challenging is implementing these new changes which will take systems and resources, and then in a likely very short period thereafter having a complete second set of amendments as well,” said Shinfield.

In the meantime Shinfield recommends that reporting entities amend and update their anti-money laundering policies, change and update their intake forms to ensure that proper information is requested of clients, update their systems, and ensure that ongoing monitoring is performed that addresses the provisions of the Act.